What is encrypted DNS traffic?
Encrypted DNS traffic is the protected exchange that translates human-friendly website names (like nordvpn.com) into machine-friendly IP (internet protocol) addresses (like 172.217.5.110), which helps you land on the website you intended to visit. Whenever DNS traffic is encrypted, your DNS requests are shielded from various cyber attacks and from third parties peeking at your online activity.
DNS is often referred to as the phonebook of the internet. When you type a web address (URL) into the browser, your computer initially doesn’t understand where you want to go on the internet. That’s where the DNS comes in. When you enter a URL, your browser contacts a DNS server and asks for the designated IP address — a string of numbers that identifies every device connected to the internet.
What does "network blocking encrypted DNS traffic" mean?
The message “This network is blocking encrypted DNS traffic” means that the network you’re trying to connect to doesn’t comply with the security standards set on your Apple device. Because the network doesn’t support the newest security standards, your device falls back to unencrypted DNS traffic. The privacy warning can appear when you’re trying to connect to a new Wi-Fi network or reconnect to the one you always use.
Falling back to a DNS that is not encrypted means that other entities on the same network can check which sites you visit. For instance, ISPs (internet service providers) operate the DNS servers that you use, which lets them check your network traffic, gather information about your online interests and habits, and sometimes even sell it to marketing companies. However, eavesdroppers can only see the websites you visit, not the exact pages or data transfers.
Since iOS 14, Apple has been encrypting DNS traffic so that ISPs can’t see where you go online. As a result, some ISPs try to block DNS encryption so they can keep seeing your activity anyway, which results in the warning message.
How to fix "This network is blocking encrypted DNS traffic"
The good news is that there are numerous ways to bypass the privacy warning and restore your DNS traffic encryption. Remember that this issue can recur more than once, even on the network you always use.
The following are the most common solutions for restoring your encrypted connection.
1. Restart your iOS device and router
The easiest way to stop encrypted DNS traffic from being blocked is to restart your iOS device. When you restart your phone or tablet, all the processes and applications on your device start to run anew. It’s also a good idea to restart your router:
- 1. Turn it off.
- 2. Wait for at least 15-20 seconds before turning it on again.
- 3. Reconnect your device.
2. Forget and reconnect to the Wi-Fi network
It might be that the problem stems not from your device but from the Wi-Fi network. So instead of just reconnecting to the Wi-Fi, try to forget the network first. This will help to reset network credentials.
Here are the instructions to do that on your iPhone.
- 1. Go to “Settings” and tap on “Wi-Fi.”
- 2. Tap on your network or the info button on the right.
- 3. Tap “Forget this network” to disconnect.
- 4. A popup will appear asking you to “Forget”; tap it to confirm.
To connect to the network again:
- 1. Go to “Settings,” tap on “Wi-Fi” and pick the name of the network you want to connect to.
- 2. Enter the username and password, and press “Join.”
3. Update your phone and router software
Your encrypted DNS traffic might suffer because of a software bug or error. Keeping your software up to date will help ensure your connection’s security and performance.
To update your router firmware, go into the settings and run the firmware update.
To update your iOS device:
- 1. Go to “Settings,” tap on “General,” and then on “Software update” — the available update should appear here.
- 2. Tap on “Download and install.”
- 3. Check the “Terms and conditions,” and let the update begin.
4. Reset network settings
Resetting your network settings might also help to clear out bugs and enable you to use encrypted DNS.
The steps to reset your network settings are the following:
- 1. Go to “Settings,” tap on “General” and then on “Transfer or reset iPhone.”
- 2. Tap on “Reset.”
- 3. Select “Reset network settings.”
- 4. Enter your device passcode.
- 5. Once again, select “Reset network settings.”
5. Configure DNS settings
If the privacy warning still shows, try to configure DNS settings. You can do this by following the steps below:
- 1. Go to “Settings” and tap on “Wi-Fi.”
- 2. Tap on your network or the info button on the right.
- 3. Tap on “Configure DNS.”
- 4. Change “Automatic” to “Manual” and tap “Add server.”
- 5. Enter a DNS server’s IP address (for example, 8.8.8.8 and 8.8.4.4, which are Google’s DNS server addresses) and tap “Save.”
6. Use the WPA3 security protocol
If your router’s security protocols are outdated, they might not comply with Apple’s standards anymore, and you’ll keep receiving a warning about the blocked DNS encryption. Currently, most devices support the WPA3 security protocol, so it’s a good idea to check which security protocol your router is using and change it if needed.
To do that, you’ll first need to find your router’s IP address. Here’s how you can do that on your iPhone:
- 1. Go to “Settings” and tap on “Wi-Fi.”
- 2. Tap on your network or the info button on the right.
- 3. Scroll down to “IPv4 address” — the IP address you need is labeled as “Router.”
After getting your router’s IP address, log into your router’s admin panel by following the steps below:
- 1. Open a web browser.
- 2. Enter the router IP in the address bar.
- 3. Enter the username and password on your router’s homepage. Note: The username and password should be printed on the router box. However, if you changed the password and cannot remember it or forgot your username, you can set the router to the factory settings and use the ones written on the box.
- 4. Once you’re in the router’s panel, tap on “Security” or “Wireless.”
- 5. In the “Security options” section, change the protocol to “WPA3.”
- 6. Your router will restart, and you’ll be disconnected from the network.
- 7. Connect to the network with the password.
7. Install a VPN
A VPN (virtual private network) is a solution for those who seek the highest level of privacy and security and want to stop ISPs from snooping around their network traffic.
Whenever you use a VPN, your DNS traffic is routed, always encrypted, through VPN servers. A good VPN service provides a secure, encrypted tunnel for online traffic to flow — nobody can see through that tunnel, snoop on which websites you’re visiting, get their hands on your online data, or find your real IP address and location.